Re: Call for Consensus: Subresource Integrity to FPWD.

On Tue, Mar 11, 2014 at 5:33 AM, Mike West <mkwst@google.com> wrote:
> The only open question in my head is whether we'd require _all_ of the
> supported integrity metadata sets to match, or just one.

If we are envisioning a hash function transition, then wouldn't we
wish to be able to add metadata for a future hash function that not
all clients support? Perhaps all "understood" metadata must match.

In order to keep the code simple I would suggest that only one
metadata set much match and that clients should choose the strongest
hash function. That way one can add other hash functions or modes in
the future without breaking backwards compat and clients can figure
out what they believe is the best function function to use when there
are several.


Cheers

AGL

Received on Tuesday, 11 March 2014 12:30:03 UTC